dbAdmin includes the following permissions in the db scope:
collStats
dbHash
dbStats
find
killCursors
listIndexes
listCollections
dropCollection and createCollection on system.profile only
userAdmin includes the following permissions in the db scope:
changeCustomData
changePassword
createRole
createUser
dropRole
dropUser
grantRole
revokeRole
viewRole
viewUser
readAnyDatabase collection is readable and contains listDatabases permission
readWriteAnyDatabase is readable and writable for collection in all databases and contains listDatabases permission
userAdminAnyDatabase has userAdmin role for all databases and contains listDatabases permission
dbAdminAnyDatabase has the dbAdmin role for all databases, and also includes the listDatabases permissions
cluster-related permissions clusterMonitor, hostManager, clusterManager, clusterAdmin
root permissions: including readWriteAnyDatabase, dbAdminAnyDatabase, userAdminAnyDatabase and clusterAdmin and other roles. But can not access the collection at the beginning of system.(root does not include any access to collections that begin with the system. prefix.)
__system: super role permissions
Related official documents:
http://docs.mongodb.org/manual/reference/built -in-roles/#__system
http://www.tuicool.com/articles/fMZbUzu
------------------------------ -------------------------------------
Example:
use webdb
db.createUser(
{
user: "user ",
pwd: "123",
roles: [{ "role" : "root","db" : "admin"},"readWrite"]
}
)
Create a user user on the webdb database, with root permissions on the admin database, and
writable permission
MongoDB user role authorization
Guess you like
Origin http://10.200.1.11:23101/article/api/json?id=326596725&siteId=291194637
Recommended
Ranking